In the previous blog, we discussed what security when hosting a web shop means exactly. In this blog, we will discuss how we, MageHost, try to guarantee the security of your Web shop as best as possible, so that you have as little to worry about as possible.
The four levels of data security
As mentioned in the previous blog, data security can be divided into four levels. These levels are divided into two physical and two digital levels. In this blog, we would like to tell you how we make it as easy as possible for you as a webshop owner to secure a site’s data.
Physical data centre security
MageHost uses Bit’s datacenters. These datacenters run entirely on sustainable energy and are very well secured. There is surveillance by means of cameras – inside and outside – and surveillance services. Also, you can only enter the building through double authentication including an iris scan. The datacenters are certified to the highest standards and are among the best in the Netherlands. All this to ensure that only the authorized people get access and security is guaranteed. MageHost uses two Bit datacenters. BIT-1 contains the servers on which our customers’ web shops are hosted. Backups are also made on these servers and are stored locally so that they can be retrieved quickly in case a web shop loses its backup. These backups are synchronised with a second datacenter BIT-2 for off-site backup. This way, there is always a copy of the data if something goes wrong with the servers in BIT-1. MageHost has its own fibre-optic connection between the two data centres to realise fast storage.
Physical server security
Within the datacenters, the servers are also well protected. The servers are kept at the right temperature by means of the cooling system and there is a smart fire protection system in place. Anyone who has followed the news a little may have heard about a datacenter in France that burned down causing millions of websites to go down. This fire protection system at Bit tries to significantly reduce that risk. The system makes sure that an early action is taken in case of fire by reducing the oxygen level in the air. This ensures that any fire is extinguished quickly without causing water damage to the equipment. These systems are set up to be as energy efficient as possible, which is also positive for the environment. The servers are also locked at bit: nobody can get in without a key.
Operating system security
The operating systems at Bit run on the latest technology and are regularly updated by us. This way we make sure that the web servers are constantly updated and bug-fixes are made as soon as necessary. We do this to prevent attacks. We make sure that any weaknesses in the system are immediately closed.
When we refer to applications, we are referring to our client’s webshop. Although this falls outside our responsibilities, we still do everything we can to make security as easy as possible for you as a webshop owner. This is where we try to offer our customer little peace of mind .
We have developed and configured our own WAF (Web Application Firewall) that prevents known attacks by default for all our customers. This firewall is automatically monitored. For example, long URLs are not allowed. Questionable cases are logged and fine-tuned. If new weaknesses or attacks are discovered, they are automatically included in the WAF.
In addition, we have a commercial subscription with Sansec, a scanner that we offer to all our customers as an extra service. This scanner runs a scan every night and produces a report. When errors are discovered, customers receive these reports via Slack or email. These reports show, for example, whether known weaknesses have been found in your application. The Sansec scanner scans all sites that run on WooCommerce, Magento and Shopware, the most widely used ecommerce platforms.
Human errors cannot be recognised by these systems. Suppose a developer makes an error, then unfortunately we can only help to a limited extent. There are, however, a number of human errors that are regularly made, and we do keep an eye on them. We will notify you as soon as an error is discovered.
All these safety measures ensure that a web shop does not have to worry too much about the safety of its data. Are you curious about what we can do for you? Please contact us for a personal consultation.